A new ransomware player, called Hunters International, has recently been discovered. What makes this group distinct is its origin story – it has inherited the source code and infrastructure from the dismantled Hive ransomware operation, a ransomware-as-a-service (RaaS) entity that…
The Industrial & Commercial Bank of China (ICBC), the world’s largest commercial bank by revenue, has fallen victim to a ransomware attack. The attack disrupted the U.S. Treasury market, leading to equities clearing issues and prompting emergency responses from financial…
Threat actors have exploited a zero-day vulnerability in SysAid, a leading IT Service Management (ITSM) solution, to compromise corporate servers for data theft and deploy the notorious Clop ransomware. This breach, identified as CVE-2023-47246, highlights the increasing sophistication of cyber…
In a series of relentless distributed denial-of-service attacks over the last 24 hours, OpenAI has grappled with intermittent outages affecting its API and ChatGPT services. While the company is actively working to mitigate the disruptions, the root cause remains undisclosed.…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently identified and cataloged a high-severity flaw in the Service Location Protocol (SLP), underscoring the urgency for organizations to take immediate action. Tracked as CVE-2023-29552 with a CVSS score of 7.5, this…
Cybersecurity researchers have uncovered a new macOS malware strain, ObjCShellz, attributing it to the North Korea-linked nation-state group known as BlueNoroff. This threat actor has been connected to five ransomware-as-a-service (RaaS) programs over the past four years, showcasing a broad…
In a groundbreaking revelation, cybersecurity researchers have identified a major threat actor known as farnetwork, a key player linked to five distinct ransomware-as-a-service (RaaS) programs over the past four years. Insights from a Unique “Job Interview” Process Singapore-based Group-IB, in…
Multiple ransomware collectives are actively capitalizing on recently unveiled vulnerabilities in Atlassian Confluence and Apache ActiveMQ, according to cybersecurity firm Rapid7. CVE-2023-22518, CVE-2023-22515 The observed exploitation of CVE-2023-22518 and CVE-2023-22515 in various customer environments has resulted in the deployment of…
Veeam has swiftly responded to security concerns by releasing updates that target four vulnerabilities in its ONE IT monitoring and analytics platform, two of which hold critical severity ratings. Veeam Vulnerabilities: CVE-2023-38547, CVE-2023-38548, CVE-2023-38549, CVE-2023-41723 The identified vulnerabilities are: CVE-2023-38547…
A covert and sophisticated strain of malware named StripedFly has silently navigated the digital realm, eluding detection for over half a decade. Kaspersky, the renowned Russian cybersecurity vendor, has unveiled the inner workings of this insidious malware. The StripedFly malware…
Social media platforms, often seen as arenas for connection and expression, have become breeding grounds for financially motivated threat actors orchestrating large-scale attacks. Bitdefender Labs has been vigilant in monitoring a growing trend where cybercriminals exploit social media networks for…
Researchers from VMware Carbon Black have unearthed a concerning revelation — 34 unique Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers are susceptible to exploitation by non-privileged threat actors. The repercussions are dire, allowing malevolent entities to seize…
Atlassian, the Australian software company, has issued a warning regarding a critical security flaw in Confluence Data Center and Server, emphasizing the potential for significant data loss if exploited by an unauthorized attacker. Tracked as CVE-2023-22518, this vulnerability scores a…
In a recent cybersecurity revelation, state-sponsored threat actors hailing from the Democratic People’s Republic of Korea (DPRK) have been identified targeting blockchain engineers associated with an undisclosed crypto exchange platform. Lazarus Group’s Mac Malware Evolution The assailants, linked to the…
In a recent study, a group of academics has introduced iLeakage, a groundbreaking side-channel attack exploiting a vulnerability in Apple’s A- and M-series CPUs, affecting iOS, iPadOS, and macOS devices. This attack enables the extraction of sensitive information from the…
In a recent revelation, a proof-of-concept (PoC) exploit for the ‘Citrix Bleed’ vulnerability has surfaced, marked as CVE-2023-4966. This vulnerability poses a critical threat, allowing attackers to extract authentication session cookies from vulnerable Citrix NetScaler ADC and NetScaler Gateway appliances.…
Security researchers discovered that the threat actor group Winter Vivern, also known as TA473 and UAC-0114, is exploiting a specific zero-day vulnerability. The said vulnerability is CVE-2023-5631, with a CVSS score of 5.4 in Roundcube webmail software, which was exploited…
In a recent report, Horizon3.ai’s Naveen Sunkavally highlighted an easily exploitable vulnerability. CVE-2023-43208 is a vulnerability in Mirth Connect, the widely-used open-source data integration platform by NextGen HealthCare. This unauthenticated remote code execution flaw, addressed in the latest release (version…
In a bid to fortify its virtualization infrastructure, VMware has recently rolled out crucial security updates to tackle a severe vulnerability within the vCenter Server. The identified flaw, denoted as CVE-2023-34048 with a substantial CVSS score of 9.8, revolves around…
Ransomware continues to cast a formidable shadow over organizations worldwide. From the resurgence of prominent ransomware families to targeted regions and sectors, we uncover the narratives within the statistics, offering insights into the ongoing battle against this pervasive cyber threat.…
